
If a network is defined on an interface, the routes are implicit link-local. What you will need is a policy that allows the connections between the two networks. This could be an any policy if you want to allow all traffic, or your policies could be specific to the services you have running on the networks.


You can't see them or you can't access them? These are two completely different things!

If you can't see the 'computers', then check your WINS configuration. You need access to a WINS server on the trusted network if you want to see your 'Network Neighborhood'.

If you can't access them (e.g. by typing \\192.168.111.22\c$ directly into Windows Explorer, where the IP address is the address of a Windows computer on the trusted network), then you indeed have a problem with the connectivity (but it could also be blocked by the Windows firewall on that PC).

If you get through by using the IP address, then you should try by a hostname, e.g. \\mypc\c$, or just try nslookup in the command prompt, in case you have a DNS misconfiguration.

Since you said that you added an 'Any' rule to pass the traffic, I guess that you don't have any problem pinging the resources on the trusted network and you 'just' have a WINS problem.

I can't see any workstations and I can't access them either. I already tried to access various resources by addressing the IP addresses, but without any success.

When I am on a computer on subnet 2, I can ping the gateway of subnet 1 and a shared printer, but I can't ping any workstation on subnet 1. I already disabled the Windows firewalls.

To make things more complicated: I can also ping these workstations on subnet 2 and even access them from a remote subnet 3 which is connected through a BOVPN tunnel - which makes me especially confused.


It's very hard to say what your problem is without insight into your configuration and traffic monitor.

In any case, you should have TWO 'Any' rules to allow the traffic between the two subnets - one to allow traffic in and another to allow traffic out. Check first if this is correct in your configuration.

Second, enable logging on the two 'Any' rules for the traffic between the two subnets.

Run WSM/Traffic Monitor and set the filter to the unique substring of the optional network (e.g. 192.168.222 if the network address is 192.168.222.0). Check if all connections are 'green' or 'red'. If you have a lot of red lines that state 'Unhandled Internal Packet', you will know to double-check the 'Any' rules you added.

If all or most of the traffic is 'green', then you have another problem that is possibly not caused by the firewall. It could then be a routing problem or something like that.

You also did not mention if traffic to the internet works from the problematic subnet...
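The log triage described in the post above, as an added example that is not part of the original thread: it tallies allowed and denied flows between the two subnets from an exported log and lists the flows that no policy handled. The log layout, policy names, sample lines and the `triage` function are constructed assumptions, not the appliance's real export format, and it matches on network membership rather than the substring filter so that unrelated addresses cannot slip in.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample lines in a simplified layout (not the appliance's exact
# log format): date, time, disposition, src, dst, service, message/policy.
SAMPLE_LOG = """\
2024-05-01 10:00:01 Deny 192.168.222.10 192.168.111.22 tcp/445 Unhandled Internal Packet
2024-05-01 10:00:02 Deny 192.168.222.10 192.168.111.22 icmp Unhandled Internal Packet
2024-05-01 10:00:03 Allow 192.168.222.10 192.168.111.1 icmp Any-Opt-to-Trusted
2024-05-01 10:00:04 Allow 192.168.111.22 8.8.8.8 udp/53 Outgoing
2024-05-01 10:00:05 Deny 192.168.111.22 192.168.222.10 tcp/3389 Unhandled Internal Packet
2024-05-01 10:00:06 Allow 10.0.3.7 192.168.222.10 tcp/445 BOVPN-Allow.in
"""

LINE_RE = re.compile(
    r"^\S+ \S+ (?P<disp>Allow|Deny) (?P<src>\S+) (?P<dst>\S+) (?P<svc>\S+) (?P<msg>.+)$"
)

def triage(log_text, optional_net, trusted_net):
    """Tally traffic between the two subnets and collect unhandled flows."""
    opt = ipaddress.ip_network(optional_net)
    tru = ipaddress.ip_network(trusted_net)
    counts = Counter()
    unhandled = set()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that do not fit the assumed layout
        src = ipaddress.ip_address(m["src"])
        dst = ipaddress.ip_address(m["dst"])
        # Keep only flows that cross between the two subnets, either direction.
        if not ((src in opt and dst in tru) or (src in tru and dst in opt)):
            continue
        counts[m["disp"]] += 1
        if m["disp"] == "Deny" and "Unhandled Internal Packet" in m["msg"]:
            unhandled.add((str(src), str(dst), m["svc"]))
    if unhandled:
        verdict = "policy"        # no rule matched: recheck both 'Any' rules
    elif counts["Allow"]:
        verdict = "not-firewall"  # traffic was allowed: look at routing or hosts
    else:
        verdict = "no-traffic"    # nothing between the subnets reached the firewall
    return counts, sorted(unhandled), verdict

if __name__ == "__main__":
    counts, flows, verdict = triage(SAMPLE_LOG, "192.168.222.0/24", "192.168.111.0/24")
    print(dict(counts), verdict)
    for flow in flows:
        print("unhandled:", *flow)
```
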


Is the Any-Any rule on top of your firewall rules?
What does the traceroute output look like? Is the traffic going to the firewall?
Are you experimenting only from one device on the optional subnet, or is it the same on all (multiple) devices?

I think you have a routing problem; I just can't say where the source of the problem is...